Re: Linux security issues as they pertain to CVS

[Derek R. Price]

"Thornley, David" wrote:

> > -----Original Message-----
> > From: address@hidden [mailto:address@hidden
> > Sent: Friday, May 25, 2001 7:48 PM
> > To: Mark
> > Cc: CVS Mailing List
> > Subject: Re: Linux security issues as they pertain to CVS
> >
> >
> > The problem is that pserver cannot be made secure.  Literally cannot.
> > It runs on a raw, insecure TCP circuit and is subject to all kinds of
> > man-in-the-middle attacks, connection hijacking, spoofing, etc.
> >
> Any problems with running pserver over an encrypted channel?  It seems to
> met that would be just as secure as ssh access (and, of course, just as
> unsafe - the biggest potential security problems being the guys on both
> ends of the channel).

It depends on the encrypted channel implementation and SSH configuration...
SSH, I know, can be configured to change the encryption keys once an hour
and the like.  I expect some of the channel encryptors are capable of
similar but I don't know the details.

Of course, SSH _could_ be granting shell access to users which is a separate
security issue.

And with both SSH and pserver, the security of the user's local file system
is a limitation since if the ~/.cvspass or the ~/.ssh/* secret keys are
compromised then so is your system.  SSH does allow a password to encrypt
the secret key but there may be no way to guarantee that your users are
using that feature and it's possible that using that feature in a useful
manner is a challenge for some users.

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:address@hidden         CollabNet ( http://collab.net )
--
I predict future happiness for Americans if they can prevent the government
from wasting the labors of the people under the pretense of taking care of
them.
                        - Thomas Jefferson